package controller;

import helper.UserSession;

import java.util.ArrayList;
import java.util.List;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;

import databeans.Customer;
import databeans.Employee;


import model.EmployeeDAO;
import model.Model;


public class EmployeeLoginAction extends Action {
    private EmployeeDAO employeeDAO;

    public EmployeeLoginAction(Model model) {
        employeeDAO = model.getEmployeeDAO();
    }

    public String getName() {
        return "employeeHome.do";
    }

    public String perform(HttpServletRequest request) {
        //ATTENTION
        // define target page
        //String loginPage = "employee/login-form.jsp";
        //String dashboardPage = "employee/employee-dashboard.jsp";
    	//String loginPage = "employee/login-form.jsp";
    	String loginPage = "employee/employee-login.jsp";
    	String dashboardPage = "employee/employee-dashboard.jsp";
    	
        String originPage = loginPage;
        String successPage = dashboardPage; //TODO change to employee dashboard
        
        //set the employee
        Employee employee = null;
        Customer customer = null;

        
        //errors and messages will be stored here
        //resetting those containers
        List<String> errors = new ArrayList<String>();
        List<String> messages = new ArrayList<String>();
   
        //define the error and message
        request.setAttribute("errors", errors);
        request.setAttribute("messages", messages);
        request.setAttribute("page", "emp-login");

        
        //get all the parameter from the form
        String requestType = request.getParameter("Submit");
        String username = request.getParameter("txtUsername");
        String password = request.getParameter("txtPassword");
        
        //reload the form field
        request.setAttribute("txtUsername", username);
        //request.setAttribute("txtPassword", password);
 
        
        //check if employee has been logged in
        //request.getSession() will return the current session and if one does not exist, a new session will be cretaed.
        //request.getSession(true) will return the current session if one exists, if one doesn't exits a new one will be created.
        //So there is actually no difference between the two methods HOWEVER, if you use request.getSession(false), it will return the current session if one exists and if one DOES NOT exist a new one will NOT be cretaed.
        employee = UserSession.getLoggedInEmployee(request);
        if (employee != null) {
            //messages.add("Hi " + employee.getFirstName() + ", you have already logged in under username " + employee.getUsername());
        	request.setAttribute("page", "emp-home");
            return successPage ;
        }
        
        //validate if user has necessary qualification
        //check the session

        // check for get or post request
        // if there is submit post get passed, return to origin page
        if (requestType == null) {
            //messages.add("To log in, enter your username and password");
            return originPage;     
        }
        
        //validate the input
        if (username.trim().equals("")) {
            //messages.add("To log in, enter your username and password");
            errors.add("Username cannot be empty. Please check.");
            return originPage;
        }
        
        if (password.trim().equals("")){
            //messages.add("To log in, enter your username and password");
        	errors.add("Password cannot be empty. Please check.");
            return originPage;
        }

        // at this stage, all validation should have been done
        try {
            employee = employeeDAO.lookup(username);

            if (employee == null) {
            	errors.add("Incorrect username or password. Please check.");
                return originPage;
            }

            // Check the password
            if (!employee.checkPassword(password)) {
            	errors.add("Incorrect username or password. Please check.");
                return originPage;
            }
            
            // Attach (this copy of) the employee bean to the session
            HttpSession session = UserSession.setEmployeeIntoSession(request, employee);
            
            //set the welcome message
            //messages.add("Hi " + employee.getFirstName() + "!, welcome to Carnegie Financial Service's iFund");
            //messages.add("You have succesfully logged on as " + employee.getUsername());
            //messages.add("ATTENTION: This section is only for Employee of Carnegie Financial Services");
            request.setAttribute("page", "emp-home");
            request.setAttribute("user-type", "employee");
            return successPage;

        } catch (Exception e) {
            errors.add("Unable to validate email and password.");
            return originPage;
        }

    }
}